BBB behind WAF (80/443 requests) #20182
Comments
|
Is there any solution available where BBB can use port 443 directly without using HA and upstream? @ffdixon |
|
Do we have any solution for routing Nginx to 443 instead of 80 (as we have currently in |
|
Hi @cod3r0k Also, have you tried the same setup but without haproxy? Possibly adding haproxy to be the last step, after WAF? |
|
Dear @antobinary I am currently using BBB version 2.7, which installs HAProxy by default. However, I recall that in version 2.6 and earlier versions, it was possible to configure the system to listen on port 443 directly through the I would like to test the latest version without HAProxy to see if it resolves my issues. Could you please provide any guidance or documentation on how to set up BBB 2.7 without HAProxy? Thank you for your assistance. |
|
Hi there,
If you setup an external TURN server, you can configure BigBlueButton to
use the external TURN server and bypass HAProxy. See
https://github.com/bigbluebutton/bbb-install/blob/v2.7.x-release/bbb-install.sh#L61
Try the above and let us know if that works for you.
Regards,... Fred
…On Sat, May 11, 2024 at 3:27 PM cod3r0k ***@***.***> wrote:
Dear @antobinary <https://github.com/antobinary>
I am currently using BBB version 2.7, which installs HAProxy by default.
However, I recall that in version 2.6 and earlier versions, it was possible
to configure the system to listen on port 443 directly through the
/etc/nginx/site-available/bigbluebutton file, bypassing HAProxy.
I would like to test the latest version without HAProxy to see if it
resolves my issues. Could you please provide any guidance or documentation
on how to set up BBB 2.7 without HAProxy?
Thank you for your assistance.
—
Reply to this email directly, view it on GitHub
<#20182 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AACG4L6DK2SKVDLQL2O2QD3ZBZWI7AVCNFSM6AAAAABHKIJ2ZSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMBVHE4TSMRQGQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
Co-founder BigBlueButton
https://bigbluebutton.org/
Like BigBlueButton? Tweet us at @bigbluebutton
|
|
Merging into #20313 |
I am trying to install BigBlueButton (BBB) behind a Web Application Firewall (WAF) within a local network, which means that BBB does not have a public IP address. Initially, I used a self-signed certificate for our BBB setup and everything worked well. However, when I added the WAF between the user and BBB, it blocked the user's requests, preventing them from reaching BBB. This issue arises because BBB, configured with a self-signed certificate, runs on port 80 (as verified in /etc/nginx/sites-available/bigbluebutton). It also uses HAProxy (/etc/haproxy/haproxy.cfg) which binds requests to port 443. This setup causes the WAF to block the request when another proxy is involved. How can we effectively use BBB with a WAF? I suspect there might be an issue with the use of a self-signed certificate, or perhaps the problem stems from another issue. Unfortunately, I don't have web access when trying to use the WAF. Please help us resolve this issue
The text was updated successfully, but these errors were encountered: